This prompted a compelling discussion on the topic in a Linkedin group where I suggested that actually Cloud is Enterprise Architecture.

Yes “the Cloud” is a place, which people point to in a vague hand waving motion implying it’s really far away and quite ephereal, but Cloud Computing is now also a practice.

Cloud EA – Maturity model

Due to the convergence of enterprise IT and Internet 2.0 standards, and the expansion via Private Cloud, the field now represents a design approach to IT systems in general as well as hosted applications and infrastructure.

Cloud is actually becoming an excellent source of EA best practices. Standards work like Cloud Management from the DMTF now provides a fairly generalized set of blueprints for enteprise IT architecture that an organization could use as design assets independent of using any Cloud providers.

Cloud Identity Management

Of course it’s highly likely they will use Cloud providers, and so the reason why Cloud EA will be so valuable and powerful is that it can cope with this new world as well leverage it for better internal practices too.

For example one key area tackled in the DMTF architecture is ‘Cloud Identity’, stating that Cloud providers should utilize existing Identity Management standards to streamline their own apps, and should ideally integrate with corporate identity systems like Active Directory.

Catering for these types of needs is a great context for driving new business start-ups too. For example Cloud Identity meets these needs, and helps quantify the activities in this section of the model.

Their software caters for the workflow automation of staff and temporary workers using a myriad of Cloud apps like Salesforce.com, integrating with in-house systems like Active Directory to manage the processes of provisioning and de-provisioning accounts for new staff members, and providing them a convenient single sign-on facility.

Key features are that it can enable a corporation to leverage OpenID, providing employees their own corporate, secured version so that not only can their web experience be streamlined, but it recognizes the context of this activity too, ie. on behalf of their corporate employer.

This means their employer can then play a role in the overall ‘Identity metasystem‘ that OpenID is intended to create, and provides tools for auditing and alerting that critically can be applied across federated environments, a “Community Cloud” of organizations partnering together, like hospitals, healthcare and social authorities.

It’s this same scenario that the Federated PIA is intended to address, so these Cloud EA practices can be directly aligned with their key counterparts in areas like government privacy assessment.